CVE-2008-2324

Опубликовано: 04 авг. 2008

Источник: nvd

CVSS2: 4.6

EPSS Низкий

Описание

The Repair Permissions tool in Disk Utility in Apple Mac OS X 10.4.11 adds the setuid bit to the emacs executable file, which allows local users to gain privileges by executing commands within emacs.

Ссылки

http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
http://secunia.com/advisories/31326
Vendor Advisory
http://www.securityfocus.com/bid/30483
http://www.securityfocus.com/bid/30492
http://www.securitytracker.com/id?1020605
http://www.vupen.com/english/advisories/2008/2268
https://exchange.xforce.ibmcloud.com/vulnerabilities/44132
http://lists.apple.com/archives/security-announce//2008/Jul/msg00003.html
http://secunia.com/advisories/31326
Vendor Advisory
http://www.securityfocus.com/bid/30483
http://www.securityfocus.com/bid/30492
http://www.securitytracker.com/id?1020605
http://www.vupen.com/english/advisories/2008/2268
https://exchange.xforce.ibmcloud.com/vulnerabilities/44132

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:apple:mac_os_x:10.4.11:*:*:*:*:*:*:*

cpe:2.3:o:apple:mac_os_x_server:10.4.11:*:*:*:*:*:*:*

EPSS

Процентиль: 14%

0.00047

Низкий

4.6 Medium

CVSS2

Дефекты

CWE-264

Связанные уязвимости

GHSA-mrc9-qx9x-77gq

github

почти 4 года назад